memperbaiki fitur update user, dan menambahkan otorisasi user

perpustakaan/book/forms.py

@@ -31,6 +31,11 @@ class formCategory(ModelForm):
     class Meta:
         model = CategoryBook
         fields = '__all__'
+
+class UpdateUserForm(forms.ModelForm):
+    class Meta:
+        model = CustomUser
+        fields = ['email', 'first_name', 'last_name', 'role']
         
 # class CustomUserChangeForm(UserChangeForm):
 #     class Meta:

perpustakaan/book/templates/buku/addbuku.html

-{% extends "index.html"%} {% block content%}
-<div class="card">
-
-  <div class="card-header text-light bg-gradient-danger">
-    <h3>Tambah Data Buku</h3> </div>
-  <hr>
-  <div class="card-body">
-    <div class="card-body col-sm-5">
-    <form method="post" action="{% url 'createbook'%}" enctype="multipart/form-data">
-        {% csrf_token %}
-        <div class="form-group row">
-          <label class="col-4 col-form-label" for="judul">judul Buku</label> 
-          <div class="col-8 ">
-            <input id="judul" name="judul" placeholder="Masukan Judul Buku" type="text" class="form-control" required="required">
-          </div>
-        </div>
-        <div class="form-group row">
-          <label for="penerbit" class="col-4 col-form-label">Nama Penerbit</label> 
-          <div class="col-8">
-            <input id="penerbit" name="penerbit" placeholder="Masukan Nama Penerbit" type="text" class="form-control" required="required">
-          </div>
-        </div> 
-        <div class="form-group row">
-          <label for="penulis" class="col-4 col-form-label">Nama penulis</label> 
-          <div class="col-8">
-            <input id="penulis" name="penulis" placeholder="Masukan Nama Penulis" type="text" class="form-control" required="required">
-          </div>
-        </div> 
-        <div class="form-group row">
-          <label for="tahun_terbit" class="col-4 col-form-label">Tahun rilis</label> 
-          <div class="col-8">
-            <input id="tahun_terbit" name="tahun_terbit"  type="number" placeholder="Masukan Tahun Terbit" class="form-control" required="required">
-          </div>
-        </div> 
-
-        
-
-        <button type="submit" name="submit" class="btn btn-primary align-items-center">Insert</button>
-      </form>
-    </div>
-  </div>  
-</div>
-{% endblock content%}
\ No newline at end of file

perpustakaan/book/templates/buku/databuku.html

@@ -23,7 +23,9 @@
         </div>
         {% endfor %} 
       {% endif %}
+      {% if request.user.is_authenticated and request.user.role == 'librarian'%}
       <a href="{% url 'book-create'%}" type="button" class="btn btn-primary"><i class="fas fa-fw fa-save"></i> Tambah Data Buku</a>
+      {% endif %}
     </div>
     <div class="card-body ">
       <div class="table-responsive ">
@@ -62,12 +64,14 @@
                 <a href="detail/{{books.id}}" class="btn btn-secondary ">
                   <i class="fas fa-fw fa-info"></i><span class="text"> Detail</span>
                 </a>
+                {% if request.user.is_authenticated and request.user.role == 'librarian'%}
                 <a href="edit/{{books.id}}" class="btn btn-warning ">
                   <i class="fas fa-fw fa-edit"></i><span class="text"> Edit</span>
                 </a>
                 <a href="delete/{{books.id}}" onclick="return confirm('aapakah anda yakin?')" class="btn btn-danger ">
                   <i class="fas fa-fw fa-trash"></i><span class="text"> Delete</span>
                 </a>
+                {% endif %}
               </td>
             </tr>
             {%endfor%}

perpustakaan/book/templates/buku/tambahbuku.html

@@ -36,7 +36,7 @@
           <label class="col-4 col-form-label" for="nama">Category Buku</label> 
           <div class="col-8">
             <select class="form-control" aria-label="Default select example" name="categorybook">
-              <option selected>Open this select menu</option>
+              <option selected>Open this select category</option>
               {% for category in categorys %}
                 <option value="{{category.id}}">{{category.namaCategory}}</option>
               {%endfor%}

perpustakaan/book/templates/category/datacategory.html

@@ -23,7 +23,7 @@
         </div>
         {% endfor %} 
       {% endif %}
-      <a href="{% url 'category-create'%}" type="button" class="btn btn-primary"><i class="fas fa-fw fa-save"></i> Tambah Data Buku</a>
+      <a href="{% url 'category-create'%}" type="button" class="btn btn-primary"><i class="fas fa-fw fa-save"></i> Tambah Data Category</a>
     </div>
     <div class="card-body">
       <div class="table-responsive">

perpustakaan/book/templates/index.html

@@ -94,7 +94,12 @@
               <div class="bg-white py-2 collapse-inner rounded">
                   <h6 class="collapse-header">Peminjaman Featue</h6>
                   <a class="collapse-item" href="{% url 'datapeminjaman'%}">Data Peminjaman Buku</a>
+                  {% if request.user.is_authenticated and request.user.role == 'member'%}
+                  <a class="collapse-item" href="{% url 'loans-by-user'%}">Book loan By user</a>
+                  {%endif%}
+                  {% if request.user.is_authenticated and request.user.role == 'librarian'%}
                   <a class="collapse-item" href="{% url 'createpeminjaman'%}">Tambah Peminjaman Buku</a>
+                  {%endif%}
               </div>
           </div>
       </li>
@@ -113,8 +118,8 @@
             </div>
         </div>
     </li>
-      {% if request.user.is_authenticated %}
-        {% if request.user.role == 'librarian' %}
+      {% if request.user.is_authenticated and request.user.role == 'librarian'%}
+        <!-- {% if request.user.role == 'librarian' %} -->
           <hr class="sidebar-divider" />
           <li class="nav-item">
             <a class="nav-link" href="{% url 'datauser'%}">
@@ -122,7 +127,7 @@
               <span>user</span></a
             >
           </li>
-        {% endif%}
+        <!-- {% endif%} -->
       {% endif%}
         <hr class="sidebar-divider" />
         <li class="nav-item">

perpustakaan/book/templates/peminjaman/datapeminjaman.html

@@ -25,8 +25,9 @@
 
         
       {% endif %}
-      
+      {% if request.user.is_authenticated and request.user.role == 'librarian'%}
       <a href="{% url 'createpeminjaman'%}" type="button" class="btn btn-primary"><i class="fas fa-fw fa-save"></i> Tambah Data Peminjaman</a>
+      {% endif %}
       <a href="{% url 'loans-by-user'%}" type="button" class="btn btn-primary"><i class="fas fa-fw fa-save"></i> Tambah Data Peminjaman by user</a>
     </div>
     <div class="card-body">
@@ -65,12 +66,14 @@
                 {% endif %}
               </td>
               <td>
+                {% if request.user.is_authenticated and request.user.role == 'librarian'%}
                 <a href="edit/{{peminjaman.id}}" class="btn btn-warning ">
                   <i class="fas fa-fw fa-edit"></i><span class="text"> Edit</span>
                 </a>
                 <a href="delete/{{peminjaman.id}}" onclick="return confirm('apakah anda yakin?')" class="btn btn-danger ">
                   <i class="fas fa-fw fa-trash"></i><span class="text"> Delete</span>
                 </a>
+                {%endif%}
               </td>
             </tr>
             {%endfor%}

perpustakaan/book/templates/user/adduser.html

@@ -8,7 +8,7 @@
     <div class="card-body col-5 ">
     <form method="POST" action="{% url 'createuser'%}" >
         {% csrf_token %}
-        <!-- <div class="form-group">
+        <div class="form-group">
           <div class="form-group">
             <input
               type="text"
@@ -30,26 +30,6 @@
               name="email" required
             />
           </div>
-          <div class="form-group">
-            <input
-              type="text"
-              class="form-control form-control-user"
-              id="first_name"
-              aria-describedby="emailHelp"
-              placeholder="Enter first_name..."
-              name="first_name" required
-            />
-          </div>
-          <div class="form-group">
-            <input
-              type="text"
-              class="form-control form-control-user"
-              id="last_name"
-              aria-describedby="emailHelp"
-              placeholder="Enter last_name..."
-              name="last_name" required
-            />
-          </div>
           <div class="form-group">
             <input
               type="password"
@@ -69,16 +49,10 @@
             />
           </div>
           <div class="form-group">
-            <input
-              type="text"
-              class="form-control form-control-user"
-              id="role"
-              name="role"  
-            />
+            {{form.role}}
           </div> 
           
-        </div>-->
-        {{form}}
+        </div>
         <button type="submit" value="createuser" name="submit" class="btn btn-primary align-items-center">Insert</button>
       </form>
     </div>

perpustakaan/book/templates/user/datauser.html

@@ -39,7 +39,6 @@
               <th>Username</th>
               <th>email</th>
               <th>First Name</th>
-              <th>Password</th>
               <th>Role</th>
               <th>Aksi</th>
             </tr>
@@ -52,7 +51,6 @@
                 <td>{{user.username}}</td>
                 <td>{{user.email}}</td>
                 <td>{{user.first_name}}</td>
-                <td>{{user.password}}</td>
                 <td>{{user.role}}</td>
                 <td>
                   <a href="edit/{{user.id}}" class="btn btn-warning mb-1">

perpustakaan/book/templates/user/edituser.html

@@ -8,27 +8,27 @@
   <form method="post" action="{% url 'updateuser' user.id%}" enctype="multipart/form-data">
       {% csrf_token %}
       <div class="form-group row">
-        <label class="col-4 col-form-label" for="username">username </label> 
+        <label class="col-4 col-form-label" for="email">email </label> 
         <div class="col-8">
-          <input id="username" name="username"  value="{{getuser.username}}" placeholder="Masukan Nama " type="text" class="form-control" required="required">
+          <input id="email" name="email"  value="{{user.email}}" placeholder="Masukan Nama " type="email" class="form-control" required="required">
         </div>
       </div>
       <div class="form-group row">
-        <label class="col-4 col-form-label" for="email">email </label> 
+        <label class="col-4 col-form-label" for="first_name">first_name </label> 
         <div class="col-8">
-          <input id="email" name="email"  value="{{getuser.email}}" placeholder="Masukan Nama " type="email" class="form-control" required="required">
+          <input id="first_name" name="first_name"  value="{{user.first_name}}" placeholder="Masukan Nama " type="text" class="form-control" required="required">
         </div>
       </div>
       <div class="form-group row">
-        <label class="col-4 col-form-label" for="first_name">first_name </label> 
+        <label class="col-4 col-form-label" for="last_name">last_name </label> 
         <div class="col-8">
-          <input id="first_name" name="first_name"  value="{{getuser.first_name}}" placeholder="Masukan Nama " type="text" class="form-control" required="required">
+          <input id="last_name" name="last_name"  value="{{user.last_name}}" placeholder="Masukan Nama " type="text" class="form-control" required="required">
         </div>
       </div>
       <div class="form-group row">
-        <label class="col-4 col-form-label" for="last_name">last_name </label> 
+        <label class="col-4 col-form-label" for="role">role </label> 
         <div class="col-8">
-          <input id="last_name" name="last_name"  value="{{getuser.last_name}}" placeholder="Masukan Nama " type="text" class="form-control" required="required">
+          {{form.role}}
         </div>
       </div>
       <!--<div class="form-group row">

perpustakaan/book/urls.py

@@ -27,7 +27,7 @@ urlpatterns =[
     path('user/create/', views.createuser, name='createuser'),
     path('user/delete/<int:id>/', views.deleteuser, name='deleteuser'),
     path('loginhistory/', views.login_history, name='history'),
-    path('user/edit/<int:id>/', views.updateuser, name='updateuser'),
+    path('user/edit/<int:pk>/', UserUpdateView.as_view(), name='updateuser'),
     path('update_password/', views.update_password, name='update_password'),
 
     

perpustakaan/book/views.py

@@ -59,7 +59,8 @@ class BookCreateView(View):
 
 
 
-
+##untuk peminjaman buku berdasarkan user yang sedang login
+@method_decorator(login_required, name='dispatch')
 class PeminjamanCreateView(View):
     template_name = 'peminjaman/tambah_peminjaman.html'
 
@@ -74,9 +75,10 @@ class PeminjamanCreateView(View):
             peminjaman.member = request.user
             peminjaman.save()
             messages.success(request, 'Berhasil Input Data peminjaman')
-            return redirect('datapeminjaman')
+            return redirect('list-loan-user')
         return render(request, self.template_name, {'form': form})
-    
+
+@method_decorator(login_required, name='dispatch')
 class ListPeminjamanByUser(View):
     template_name = 'peminjaman/list_peminjaman_user.html'
     def get(self, request):
@@ -309,29 +311,14 @@ def login_history(request):
     return render(request, 'registration/login_history.html', context)
 
 # edit user dari admin page
-
-@login_required(login_url=settings.LOGIN_URL)
-def updateuser(request, id ):
-    if request.method == 'POST':
-        username = request.POST['username']
-        email = request.POST['email']
-        first_name = request.POST['first_name']
-        last_name = request.POST['last_name']
-        user = CustomUser.objects.get(id=id)
-        user.username= username
-        user.email = email
-        user.first_name = first_name
-        user.last_name = last_name
-        user.save()
-        messages.success(request, 'berhasil edit data user')
-        return redirect('datauser')
-
-    else:
-        getUser = CustomUser.objects.get(id=id)
-        context = {
-            'getuser' : getUser,
-        }
-        return render(request, 'user/edituser.html', context)
+@method_decorator(login_required, name='dispatch')
+@method_decorator(librarian_required, name='dispatch')  
+class UserUpdateView(UpdateView):
+    model = CustomUser
+    form_class = UpdateUserForm
+    context_object_name = 'user'
+    template_name = 'user/edituser.html'
+    success_url = reverse_lazy('datauser')
 
 @login_required
 def update_password(request):